
White Shark Virus

Posted: September 6, 2010

White Shark Virus is a rogue malware remover and a clone of WireShark Antivirus that uses the name of a legitimate company to urge unwary computer users to purchase a fake product. It uses a Trojan to get onto the system undetected and then configures the system to launch the White Shark Virus program every time Windows boots up. White Shark Virus produces fake warnings claiming the PC is infected with malware in order to urge the user to purchase it. White Shark Virus cannot remove malware and is designed to pilfer money from computer users. Do not fall for its trickery; have White Shark Virus and all related Trojans removed using a reliable malware remover.

File System Modifications

  • The following files were created in the system:

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "novavapp"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "novavappr"
    HKEY_CURRENT_USER\Software\Wireshark Antivirus
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ExplorerBrowser Helper Objects{149256D5-E103-4523-BB43-2CFB066839D6}
    HKEY..\..\..\..{RegistryKeys}
    HKEY_CLASSES_ROOT\CLSID{149256D5-E103-4523-BB43-2CFB066839D6}
    HKEY_LOCAL_MACHINE\SYSTEM\Current\Control\SetServices\AdbUpd
